Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8hcrRT-nIIcFYOuaxvIJww98Gos.roa
File:                     8hcrRT-nIIcFYOuaxvIJww98Gos.roa (raw, json)
Hash identifier:          PXk4p+gaxQIerCQbT/Gq+FYl8ZQlBTlh0xf3lDx7YEQ=
Subject key identifier:   F2:17:2B:45:3F:A7:20:87:05:60:EB:9A:C6:F2:09:C3:0F:7C:1A:8B
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018B4E9FC72976D07439CFA355B7FDEEB375
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8hcrRT-nIIcFYOuaxvIJww98Gos.roa
Signing time:             Fri 20 Oct 2023 19:46:15 +0000
ROA not before:           Fri 20 Oct 2023 19:46:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     262287
IP address blocks:        84.32.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:4e:9f:c7:29:76:d0:74:39:cf:a3:55:b7:fd:ee:b3:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct 20 19:46:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2172b453fa720870560eb9ac6f209c30f7c1a8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:cc:99:b2:b5:1f:b1:fb:8e:ba:bb:76:b7:dd:
                    96:50:b5:77:00:ae:66:f7:a8:9a:a2:40:8c:01:99:
                    20:39:b9:1b:53:71:11:35:b1:90:b1:86:45:5f:f7:
                    44:23:e7:e9:eb:ef:ee:6b:e7:57:1d:bc:2a:c9:94:
                    94:ef:3a:b7:19:5e:42:d3:a7:03:11:a6:9a:e3:14:
                    db:b7:0a:53:27:9a:dc:35:96:0e:08:e8:44:cf:df:
                    88:32:38:11:bb:32:8b:5a:69:72:93:86:b7:17:33:
                    33:3c:e6:a6:dc:b7:89:fa:08:7b:58:03:f9:a7:10:
                    13:6c:86:3b:eb:8a:97:cc:55:14:6b:32:97:83:36:
                    3a:8a:0b:9e:2f:ff:f2:6c:4a:e0:e0:64:de:57:ed:
                    c5:66:17:6b:dc:16:f6:bc:41:6d:8e:61:77:b1:48:
                    00:7c:1f:89:b6:c4:91:95:a8:6c:ce:82:62:80:c9:
                    c4:f5:b3:84:73:55:8b:cc:fe:26:93:48:f7:2f:40:
                    be:bb:3a:f0:44:1d:ea:4d:df:e7:70:08:ac:60:77:
                    ad:a3:2f:1b:69:95:f4:82:3d:36:cf:c2:7b:2a:f9:
                    21:01:a2:6f:27:4b:57:a4:ff:6a:07:bd:20:b1:4c:
                    b7:d1:ab:a9:0a:69:39:c1:54:5c:bf:95:ad:19:0a:
                    f0:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:17:2B:45:3F:A7:20:87:05:60:EB:9A:C6:F2:09:C3:0F:7C:1A:8B
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8hcrRT-nIIcFYOuaxvIJww98Gos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:53:61:a5:5b:6d:30:e3:0d:63:60:8a:2e:35:5a:c9:94:23:
         b1:49:4d:59:ad:8c:3a:a2:f1:d5:a1:0d:27:2f:dd:67:9b:91:
         af:de:c9:13:e8:26:6e:38:6d:7a:35:51:b8:c8:a5:f2:96:27:
         3b:db:a6:34:34:0f:cb:f7:b6:d9:c3:15:a9:71:e8:68:6d:e5:
         9a:95:12:51:01:ac:a9:a9:15:a6:a3:05:e3:98:5d:c3:4c:25:
         0d:d8:eb:07:7f:c0:a5:6f:c1:85:7e:8a:1d:ab:9e:02:40:f9:
         26:41:0b:91:cb:1d:a5:3d:e8:b2:f5:4c:66:e1:11:38:02:95:
         73:6e:e8:d2:1b:0a:f6:f2:2d:17:3d:1a:11:c3:c9:2c:3f:52:
         2f:44:2d:51:59:d7:9a:62:c1:84:6f:af:65:64:84:67:65:09:
         a1:98:3c:9d:db:8a:b9:79:74:fa:d5:f2:03:6c:94:bd:0b:21:
         7d:ed:18:df:d1:a3:f3:e8:da:a4:a6:e6:f2:b5:8d:13:2d:d0:
         59:e4:d6:cc:d8:12:a0:f9:11:19:23:72:34:05:b4:35:7a:fa:
         33:09:71:eb:59:ad:1c:8a:fd:0b:60:f6:17:88:a5:08:49:8b:
         7b:eb:fb:a9:e4:9e:ca:f8:96:09:43:d5:65:fc:ea:a3:46:6d:
         18:02:87:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtOn8cpdtB0Oc+jVbf97rN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDIwMTk0NjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjE3MmI0NTNmYTcyMDg3MDU2MGViOWFjNmYyMDljMzBmN2MxYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8yZsrUfsfuOurt2t92WULV3AK5m
96iaokCMAZkgObkbU3ERNbGQsYZFX/dEI+fp6+/ua+dXHbwqyZSU7zq3GV5C06cD
Eaaa4xTbtwpTJ5rcNZYOCOhEz9+IMjgRuzKLWmlyk4a3FzMzPOam3LeJ+gh7WAP5
pxATbIY764qXzFUUazKXgzY6igueL//ybErg4GTeV+3FZhdr3Bb2vEFtjmF3sUgA
fB+JtsSRlahszoJigMnE9bOEc1WLzP4mk0j3L0C+uzrwRB3qTd/ncAisYHetoy8b
aZX0gj02z8J7KvkhAaJvJ0tXpP9qB70gsUy30aupCmk5wVRcv5WtGQrwlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIXK0U/pyCHBWDrmsbyCcMPfBqLMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOGhjclJULW5JSWNGWU91YXh2SUp3dzk4R29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCBfMA0G
CSqGSIb3DQEBCwUAA4IBAQADU2GlW20w4w1jYIouNVrJlCOxSU1ZrYw6ovHVoQ0n
L91nm5Gv3skT6CZuOG16NVG4yKXylic726Y0NA/L97bZwxWpcehobeWalRJRAayp
qRWmowXjmF3DTCUN2OsHf8Clb8GFfoodq54CQPkmQQuRyx2lPeiy9Uxm4RE4ApVz
bujSGwr28i0XPRoRw8ksP1IvRC1RWdeaYsGEb69lZIRnZQmhmDyd24q5eXT61fID
bJS9CyF97Rjf0aPz6NqkpubytY0TLdBZ5NbM2BKg+REZI3I0BbQ1evozCXHrWa0c
iv0LYPYXiKUISYt76/up5J7K+JYJQ9Vl/OqjRm0YAoeM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org